Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2022-07-11 CVE-2022-31510 Path Traversal vulnerability in Simple-Rat Project Simple-Rat 20220503
The sergeKashkin/Simple-RAT repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
simple-rat-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31511 Path Traversal vulnerability in Equanimity Project Equanimity
The AFDudley/equanimity repository through 2014-04-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
equanimity-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31512 Path Traversal vulnerability in Flask-Mvc Project Flask-Mvc
The Atom02/flask-mvc repository through 2020-09-14 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
flask-mvc-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31513 Path Traversal vulnerability in Krypton Project Krypton
The BolunHan/Krypton repository through 2021-06-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
krypton-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31514 Path Traversal vulnerability in FAN Platform Project FAN Platform
The Caoyongqi912/Fan_Platform repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
fan-platform-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31515 Path Traversal vulnerability in Carceresbe Project Carceresbe 1.0
The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
carceresbe-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31516 Path Traversal vulnerability in Harveyzyh Python Project Harveyzyh Python
The Harveyzyh/Python repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
harveyzyh-python-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31517 Path Traversal vulnerability in Mercury Sample Manager Project Mercury Sample Manager 20210420
The HolgerGraef/MSM repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
mercury-sample-manager-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31518 Path Traversal vulnerability in Python-Recipe-Database Project Python-Recipe-Database
The JustAnotherSoftwareDeveloper/Python-Recipe-Database repository through 2021-03-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
python-recipe-database-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31519 Path Traversal vulnerability in Windmill Project Windmill 1.0
The Lukasavicus/WindMill repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
windmill-project CWE-22
critical
 9.3
9.3